Printed from

Goodwill investigating possible data breach, could date back to 2013

updated 04:18 pm EDT, Tue July 22, 2014

Company says no breach confirmed, but continuing investigation with authorities

Goodwill Industries International, the business entity behind the popular nonprofit second-hand stores, announced this week that it is investigating a potential data breach involving credit card data. The breach was said to occur in selected stores within the United States, but Goodwill has offered no information on which stores were affected.

According to a statement from Goodwill, the company was contacted on Friday by federal authorities and a credit card fraud investigative unit that a number of stores may have been involved in a data theft. The statement mentions that Goodwill is working with authorities and industry contacts to review all of the information.

"At this point, no breach has been confirmed, but an investigation is underway," said the statement. "Goodwills across the country take the data of consumers seriously and their community well-being is our number one concern."

As the company looks into the breach, Goodwill spokeswoman Joye Taylor told CNN that an assembled team worked through the weekend to look into validity of the information. She confirmed that the company was working specifically with the United States Secret Service on the case. The government agency has had its hands busy since 2013 tracking other data breach activity including breaches at Target and Michaels craft stores.

"We are proactively engaged with the payment card industry contacts, the Secret Service and all Goodwill headquarters to identify what problem, if any, exists so that we can take prompt and appropriate actions as well as communicate appropriately to any affected parties," said Taylor.

Brian Krebs, of Krebs on Security, first reported on the possible breach, adding that it's unknown at this time how long ago the breach started. However, Krebs adds that the sources that informed him of the breach state that it "could extend back to the middle of 2013."

Krebs claims that insiders indicated that "multiple locations" are involved in the breach across numerous states. Insiders told Krebs that the breach could be across as many as 21 states, "including Arkansas, California, Colorado, Florida, Georgia, Iowa, Illinois, Louisiana, Maryland, Minnesota, Mississippi, Missouri, New Jersey, Ohio, Oklahoma, Pennsylvania, South Carolina, Texas, Virginia, Washington and Wisconsin."

If the suspected data breach is found to have resulted in the theft of customers' credit cards, it will mark the sixth major chain hit in recent history. P.F. Chang's, the most recent breach involving credit cards, still hasn't released major details on its case.

By Electronista Staff
Post tools:




Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines


Most Popular


Recent Reviews

Brother HL-L8250CDN Color Laser Printer

When it comes to selecting a printer, it's not exactly something most people put a lot of thought into. Printers are often touted as f ...

Moshi iVisor AG and XT for iPad Air 2

Have you ever tried to put in a screen protector that relies on static to cling to the screen? How many bubbles and wrinkles does it h ...

Epson PowerLite Home Cinema 3500 projector

Trying to find the perfect projector for a home theater can be tricky, as there are bountiful options on the market from a large numbe ...



Most Commented


Popular News